TRUST THY NEIGHBOR?
TRUSTWORTHY MULTI-TENANCY FOR THE MODERN APPLICATION ECOSYSTEM

ABOUT TRUSTONIC
JON GEATER, CHIEF TECHNICAL OFFICER

TRUST THY NEIGHBOR? | JON GEATER, TRUSTONIC | NOVEMBER 12TH, 2013 | CONFIDENTIAL

The changing landscape

THE RISE OF MOBILE
AND THE CONNECTED SOCIETY

[Chart: series Desktop, Laptop and Smartphone; years 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]

THE RISE OF MOBILE
AND THE CONNECTED SOCIETY

[Chart: series All PC and Smartphone; years 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]

THE RISE OF MOBILE
AFFECTS THE ENTIRE CHAIN

• So why are we talking about Smartphones at an AMD conference?
• What is a mobile device?

JUST A FEW YEARS AGO…
MOBILE SECURITY

• I was working for an Enterprise Security company making encryption and key management products
• We were asked by a major US bank to help them with the problem they had with information security on mobile devices
• 2 primary device types:
  ‒ Laptops
    This one’s fairly obvious. But this was easier because of established security vendors and no real notion of BYOD for laptops
  ‒ Tape drives (!)
    They are very mobile… But comparatively simple security problem.

THE RISE OF MOBILE
AFFECTS THE ENTIRE CHAIN

• We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
• That blurs the lines between device types: phones, tablets, laptops – truly heterogeneous!
• It forces applications on-line, so the whole information system from chip to cloud needs consistent security
• It also leads to a significant rise in the number of types of information processed on mobile devices
• …and a consequent rise in the value of that information


Sensitive Information

Security and trust

WHAT IS RISK?
Risk = probability x severity

WHAT IS RISK?
Risk = time x remediation

WHAT IS RISK?
Risk = likelihood x cost

WHAT IS RISK?
How much should I care about this?
When will it happen?
What’s the impact if it does?
Risk = likelihood x cost

WHAT IS SECURITY?
A Venn diagram
[Diagram labels: SECURE; NOT SECURE]

WHAT IS SECURITY?
A Venn diagram
[Diagram label: SECURE?]

WHAT IS SECURITY?
Security Is Contextual

THE RISE OF MOBILE
AFFECTS THE ENTIRE CHAIN

• Things are much more complicated now
• The different use cases present a set of conflicting use cases that a single extant platform has to satisfy
• And that’s before the user gets involved
• Multi-tenancy on a consumer device lacks some of the more powerful approaches available to server applications
• There are also more threats now
  ‒ Professionalized malware
  ‒ Threats always follow the money

[Callouts: "MY CONTROL!"; "NO, MINE!"; "Privacy please"; "CLOSED!"; "OPEN!"]

Start Trusted, Stay Trusted

START TRUSTED
HARDWARE ROOTS OF TRUST

• So how does security enable trust?
• We typically define fundamental security building blocks as “Roots of Trust”
• To be effective the RoT has to be rooted in hardware
  ‒ Otherwise there are too many ways to remove it, and nothing to check back against
  ‒ “Trust, but verify”
• Not just a key: includes the mechanisms, code etc
  ‒ NIST guidelines
• Secure boot mechanisms (including UEFI) are based on roots of trust
• Scaling problem – not everyone can own a direct root! So the platform has to provide the main one

[Diagram labels: App (x4); Operating System; Protected Storage; Isolation; Device Integrity; RoT for Storage; RoT for Verification; RoT for Integrity; RoT for Reporting; RoT for Measurement]
Picture: Andrew Regenscheid: NIST/Computer Security Division
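
How the measurement, reporting and verification roots in the diagram give a relying party something to check back against, as an added example (not code from the talk, NIST or Trustonic): each boot stage is hashed into a register before it runs, the device reports that register bound to a fresh nonce, and the verifier compares it with the value for a known-good chain. HMAC under a shared device key stands in for the asymmetric signature a TPM-style quote would use; the class names, key and stage images are constructed for illustration.

```python
import hashlib
import hmac
import os

RESET = bytes(32)  # register value before anything has been measured


def extend(register: bytes, component: bytes) -> bytes:
    """RoT for Measurement: fold one component's digest into the register."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Measure every stage in boot order; the result depends on content and order."""
    register = RESET
    for blob in components:
        register = extend(register, blob)
    return register


def _tag(key: bytes, nonce: bytes, register: bytes) -> bytes:
    # Stand-in for a signature: MAC over the verifier's nonce and the register.
    return hmac.new(key, nonce + register, hashlib.sha256).digest()


class Device:
    """Keeps the device key inside (RoT for Storage) and only answers quotes."""

    def __init__(self, device_key: bytes, boot_chain):
        self._key = device_key
        self._register = measure_chain(boot_chain)

    def quote(self, nonce: bytes):
        """RoT for Reporting: report the register, bound to this challenge."""
        return self._register, _tag(self._key, nonce, self._register)


class Verifier:
    """Relying party that knows the device key and the known-good chain."""

    def __init__(self, device_key: bytes, golden_chain):
        self._key = device_key
        self._expected = measure_chain(golden_chain)
        self._pending = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._pending.add(nonce)
        return nonce

    def check(self, nonce: bytes, register: bytes, tag: bytes) -> str:
        if nonce not in self._pending:
            return "stale-nonce"            # replayed or never issued
        self._pending.discard(nonce)        # each challenge is single use
        if not hmac.compare_digest(_tag(self._key, nonce, register), tag):
            return "bad-quote"              # not produced with the device key
        if not hmac.compare_digest(register, self._expected):
            return "unexpected-software"    # genuine device, wrong boot chain
        return "trusted"


def attest(device: Device, verifier: Verifier) -> str:
    """One challenge-response round between the relying party and the device."""
    nonce = verifier.challenge()
    register, tag = device.quote(nonce)
    return verifier.check(nonce, register, tag)


# Constructed sample data: placeholder key and stage images, not real firmware.
DEVICE_KEY = bytes(range(32))
GOLDEN = [b"boot-loader v1", b"tee-kernel v1", b"rich-os v1"]
MODIFIED = [b"boot-loader v1", b"tee-kernel v1 (modified)", b"rich-os v1"]

if __name__ == "__main__":
    verifier = Verifier(DEVICE_KEY, GOLDEN)
    print(attest(Device(DEVICE_KEY, GOLDEN), verifier))
    print(attest(Device(DEVICE_KEY, MODIFIED), verifier))
```

The register is only as trustworthy as the code that computes it, which is why the slide insists the root sits in hardware: software that can rewrite the measuring stage can report any value it likes.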
  	
  
STAY TRUSTED
SECURITY DOESN’T STAY STILL

• Boot security is necessary but not sufficient
  ‒ Doesn’t account for run-time exploits
  ‒ Good for system FW but doesn’t scale to applications
• Security is a dynamic affair. We need to be able to react as quickly as the threats/market
• Platform use cases shouldn’t be fixed when the chip leaves the factory
  ‒ Need to be able to add trusted functionality later on
• Security context is best known to the service providers but they do not make hardware.
  ‒ How to anchor their trust chains in hardware at scale?
  ‒ How to encode their use case into general purpose HW?
  ‒ Can you do a whole FW update each time a single app changes? No!

TrustZone® and TEE

TRUSTZONE®
HARDWARE BACKED SECURITY FROM ARM

• Separation technology built into ARM Cortex-A processors
• Enables 2 independent process stacks to execute on a single SoC: Normal mode and Secure mode
• Memory and peripherals can be partitioned into secure-only or shared
• Mode separation is enforced by the processor and fabric – stronger than MMU
• Software in Normal World (including attacks!) can’t read memory or peripherals that are reserved for Secure World
• It is not magic! Designed to defeat software attacks, not national governments and laserbeams
• Doesn’t have any software

[Diagram labels: TZ only; Switchable; Normal]

TRUSTED EXECUTION ENVIRONMENT
PRACTICAL SECURITY FOR MOBILE APPLICATIONS

• Primary device environment runs as normal, including other security mechanisms
• GlobalPlatform APIs ensure portability across handsets/platforms
• Security critical code and resources protected by TEE applications
• TEE provides the constant security foundation independent of OS choice
• Integrity and trust underpinned by SoC hardware
• Control of secure resources

[Diagram labels: Rich OS Application Environment; Client Applications; GlobalPlatform TEE Functional API; GlobalPlatform TEE Client API; Rich OS; Trusted Execution Environment; Trusted Application DRM; Trusted Application Payment; Trusted Application Corporate; GlobalPlatform TEE Internal API; Trusted Core Environment; Trusted Functions; TEE Kernel; Hardware Platform; HW Secure Resources: HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.]
Image: GlobalPlatform

TRUSTED EXECUTION ENVIRONMENT
PRACTICAL SECURITY FOR MOBILE APPLICATIONS

• TEE combines the platform hardware with software to provide an open environment in which to run security sensitive code for normal applications
• Highly flexible system enables application stakeholders to protect their own functionality
  ‒ Correct context is used
• GlobalPlatform is not the only model
  ‒ But a standard helps with a scalable ecosystem
• Provides simple APIs for cryptography, secure storage etc
• Working towards advanced APIs for things like Trusted User Interface (where applicable)

BACKEND TRUST AND ENROLMENT
COMPLETING THE CHAIN OF TRUST

• A well-built TEE provides strong separation of processes on the device
• But as we’ve seen, systems and trust are bigger than the device
• A remote loading system connected to the Roots Of Trust is essential in order to sustain a chain of trust from Chip to Cloud
• Making it essential to the creation of an ecosystem
• This is not yet standardized but Trustonic operates a backend system connected to an on-chip Root of Trust

START TRUSTED, STAY TRUSTED
LIFECYCLE SUPPORT DESIGNED-IN

• Trusted apps are verified before they can run and access sensitive assets – contextual security
• Normal World can only access trusted apps through published APIs – transaction integrity
• Manufacturing and Backend systems maintain the chain of trust between chip, apps and relying parties
• TEE is given control of secure peripherals, memory regions and trusted apps
• ‘Secure boot’ from SoC ROM assures integrity of TEE and sensitive data assets

[Diagram labels: Secure Kernel; Trusted app (x3)]

WHAT ABOUT TPM?
TPM 2.0 protocol can be supported too

• TPM 2.0 is an interface specification
• Can co-exist with TEE, or run as an application inside it
  ‒ Or even be a hardware one, if money, space and power allow. Compatible with all models
• Extensive work in the TCG on Firmware TPMs (PCClient group) and Mobile TPMs (Mobile Platforms group) to enable this kind of architecture

[Diagram labels: REE; TEE; Rich App (x2); TA (x2); TPM Client API; TPM; TEE Client API; TEE Internal API + TEE trusted UI ++; Mobile OS; Trusted OS; TEE entry; Smartphone hardware]

Client to Cloud Examples

CHIP TO CLOUD TRUST
EXAMPLE USE CASE: SIMPLER LOGIN

• Cloud service can have more confidence in the ID claim they receive
• User has the convenience of using their preferred device, and fewer clicks

[Diagram labels: Open Environment; OTP Launcher; Client API; Rich OS; Trusted Execution Environment; OTP TA (Secure OTP generation, Secure OTP key storage); APIs; Trusted User Interface; Secure cryptography; Secure Mass Storage; ARM TrustZone® enabled SoC]
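
The OTP flow in this diagram, sketched as an added example (not Trustonic code): the key and counter stay inside the trusted app, the launcher in the open environment can only ask for the next code, and the cloud service verifies it and rejects replays. The slide names no OTP algorithm, so RFC 4226 HOTP is assumed; the class and command names are hypothetical, and the key is the RFC's published test key.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA-1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class OtpTrustedApp:
    """Stands in for the OTP TA: secrets stay inside, only codes leave.

    Python cannot enforce this boundary; on the device the TEE does.
    """

    PUBLISHED = ("generate",)  # the whole API surface: no command exports the key

    def __init__(self, key: bytes):
        self._key = key          # 'Secure OTP key storage'
        self._counter = 0

    def invoke(self, command: str) -> str:
        if command not in self.PUBLISHED:
            raise PermissionError("unpublished command: " + command)
        code = hotp(self._key, self._counter)   # 'Secure OTP generation'
        self._counter += 1                      # each counter value is used once
        return code


class CloudService:
    """Relying party holding the same key (assumed enrolled out of band)."""

    def __init__(self, key: bytes, look_ahead: int = 3):
        self._key = key
        self._next = 0            # lowest counter value still acceptable
        self._look_ahead = look_ahead

    def verify(self, code: str) -> bool:
        for counter in range(self._next, self._next + self._look_ahead + 1):
            expected = hotp(self._key, counter)
            if hmac.compare_digest(expected.encode(), code.encode()):
                self._next = counter + 1   # resynchronise; older codes are dead
                return True
        return False


def login(ta: OtpTrustedApp, cloud: CloudService) -> bool:
    """What the OTP Launcher does: fetch a code from the TA and submit it."""
    return cloud.verify(ta.invoke("generate"))


RFC4226_TEST_KEY = b"12345678901234567890"  # public test key from RFC 4226

if __name__ == "__main__":
    ta = OtpTrustedApp(RFC4226_TEST_KEY)
    cloud = CloudService(RFC4226_TEST_KEY)
    print(login(ta, cloud))
```

The look-ahead window lets the service recover when codes are generated but never submitted, and advancing `_next` on success is what makes a captured code worthless once it, or any later code, has been accepted.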
CHIP TO CLOUD TRUST
OTHER USE CASES

• Flexible identity & access use cases
  ‒ Convert passwords to stronger on-the-wire credentials
  ‒ Also biometrics
• Transaction verification and protection
  ‒ Simpler payments
  ‒ Confidentiality
  ‒ binding integrity
• Content
  ‒ DRM processing, innovative delivery models
• Enterprise
  ‒ On board credentials for VPN etc
  ‒ BYOD trust anchors
  ‒ Virtual HSM
• Improve user experience
• Provide more innovative services

CHIP TO CLOUD TRUST
BENEFITS

• Chip to cloud works both ways
  ‒ The client is increasingly the primary device. Remote service should have to prove itself before the device gives up any sensitive information
  ‒ The flexible architecture of TEE enables these islands of trust to work both ways
• Ability to verify root of trust separately enables greater confidence and unlocks potential for enhanced services and user experience
• Privacy impacts can be limited by separating the key actors in the system: something that can happen naturally

AMD and Trustonic

AMD AND TRUSTONIC
THE PLATFORM SECURITY PROCESSOR

• The Platform Security Processor (PSP) is a dedicated ARM co-processor within the APU dedicated to providing security functions
• Has its own secure RAM and NV storage
• Can access system memory
• Crypto functionality, including TRNG
• Last month AMD and Trustonic announced a partnership: AMD has licensed the Trustonic TEE to run as the security kernel in the PSP
• Talk to AMD for the PSP roadmap and access for 3rd party security extensions

[Diagram labels: APU; AMD64; PSP; TEE; (Not to scale!)]

Wrap up

WRAPPING UP

1. The mobility trend affects ALL areas of computing
2. Security is DYNAMIC. Need to keep up.
3. HARDWARE trust is needed to defeat SOFTWARE threats
4. A collaborative ECOSYSTEM approach is essential
5. AMD and Trustonic are working together to enable this

Thank you

DISCLAIMER & ATTRIBUTION

The information presented in this document is for informational purposes only and may contain technical inaccuracies, omissions and typographical errors.

The information contained herein is subject to change and may be rendered inaccurate for many reasons, including but not limited to product and roadmap changes, component and motherboard version changes, new model and/or product releases, product differences between differing manufacturers, software changes, BIOS flashes, firmware upgrades, or the like. Trustonic assumes no obligation to update or otherwise correct or revise this information. However, Trustonic reserves the right to revise this information and to make changes from time to time to the content hereof without obligation of AMD to notify any person of such revisions or changes.

TRUSTONIC MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE CONTENTS HEREOF AND ASSUMES NO RESPONSIBILITY FOR ANY INACCURACIES, ERRORS OR OMISSIONS THAT MAY APPEAR IN THIS INFORMATION.

TRUSTONIC SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT WILL TRUSTONIC BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL DAMAGES ARISING FROM THE USE OF ANY INFORMATION CONTAINED HEREIN, EVEN IF TRUSTONIC IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

ATTRIBUTION
© 2013 Trustonic Ltd. All rights reserved. Trustonic, the graphical <t logo and combinations thereof are trademarks of Trustonic Ltd. in Europe, the United States and/or other jurisdictions. AMD is a trademark of Advanced Micro Devices, Inc. ARM and TrustZone are trademarks of ARM, Ltd. Other names are for informational purposes only and may be trademarks of their respective owners.

SESSION ABSTRACT

• TITLE: Trust thy neighbour? Trustworthy multi-tenancy for the modern application ecosystem
• SHORT ABSTRACT: With tales of leaks, hacks and malware on the rise, trust in mobile systems is in short supply these days. In other areas an almost opposite but equally troubling problem exists where walled gardens or security agents seek to keep out the bad guys, but also stifle innovation and invite questions of trust in the motivation and interest of the gardeners.
• This talk looks at recent developments in client-to-cloud trust technology in the ARM mobile device ecosystem and presents a model for both security and control that allows multi-tenancy with confidence. It also covers how AMD have adopted and adapted some of this technology to create a world-leading SoC platform with trust built into the very heart of the chip.


Ähnlich wie SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater

FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliverMadison Oliver
 
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...NetMotion Wireless
 
Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014Spiceworks Ziff Davis
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security  - technical datasheet2Sholove cyren web security  - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats ReportJuniper Networks
 
IRJET- Android Device Attacks and Threats
IRJET-  	  Android Device Attacks and ThreatsIRJET-  	  Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesWavestone
 
IRJET- An Implementation and Efficient Way to Improve Women Safety Empowe...
IRJET-  	  An Implementation and Efficient Way to Improve Women Safety Empowe...IRJET-  	  An Implementation and Efficient Way to Improve Women Safety Empowe...
IRJET- An Implementation and Efficient Way to Improve Women Safety Empowe...IRJET Journal
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrZYMR, INC.
 
Zymr Cybersecurity
Zymr Cybersecurity Zymr Cybersecurity
Zymr Cybersecurity Zymr Cloud
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseSelectedPresentations
 
Women Safety Application
Women Safety ApplicationWomen Safety Application
Women Safety ApplicationIRJET Journal
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docxaulasnilda
 
7.5 steps to overlaying BYoD & IoT on Existing Investments
7.5 steps to overlaying BYoD & IoT on Existing Investments7.5 steps to overlaying BYoD & IoT on Existing Investments
7.5 steps to overlaying BYoD & IoT on Existing InvestmentsCaston Thomas
 
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...Thierry Labro
 
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...UL Transaction Security
 
The impact of mobile devices on information security
The impact of mobile devices on information securityThe impact of mobile devices on information security
The impact of mobile devices on information securityBee_Ware
 

Ähnlich wie SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater (20)

Sholove cyren web security presentation2
Sholove cyren web security presentation2Sholove cyren web security presentation2
Sholove cyren web security presentation2
 
FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliver
 
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...
Frost & Sullivan The New Mobility: How Mobile Applications and Devices are Ch...
 
Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014Weathering mobile-storm-report-october-2014
Weathering mobile-storm-report-october-2014
 
Top Ten Challenges of Securing Smart Infrastructure
Top Ten Challenges of Securing Smart InfrastructureTop Ten Challenges of Securing Smart Infrastructure
Top Ten Challenges of Securing Smart Infrastructure
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security  - technical datasheet2Sholove cyren web security  - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
IRJET- Android Device Attacks and Threats
IRJET-  	  Android Device Attacks and ThreatsIRJET-  	  Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
 
The Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devicesThe Internet of Things: the 4 security dimensions of smart devices
The Internet of Things: the 4 security dimensions of smart devices
 
IRJET- An Implementation and Efficient Way to Improve Women Safety Empowe...
IRJET-  	  An Implementation and Efficient Way to Improve Women Safety Empowe...IRJET-  	  An Implementation and Efficient Way to Improve Women Safety Empowe...
IRJET- An Implementation and Efficient Way to Improve Women Safety Empowe...
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - Zymr
 
Zymr Cybersecurity
Zymr Cybersecurity Zymr Cybersecurity
Zymr Cybersecurity
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
 
Women Safety Application
Women Safety ApplicationWomen Safety Application
Women Safety Application
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
 
7.5 steps to overlaying BYoD & IoT on Existing Investments
7.5 steps to overlaying BYoD & IoT on Existing Investments7.5 steps to overlaying BYoD & IoT on Existing Investments
7.5 steps to overlaying BYoD & IoT on Existing Investments
 
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
“The Impact of Mobile Devices on Information Security: A Survey of IT and Sec...
 
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
The impact of mobile devices on information security
The impact of mobile devices on information securityThe impact of mobile devices on information security
The impact of mobile devices on information security
 

Mehr von AMD Developer Central

An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware Webinar
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware WebinarAn Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware Webinar
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware WebinarAMD Developer Central
 
Webinar: Whats New in Java 8 with Develop Intelligence
Webinar: Whats New in Java 8 with Develop IntelligenceWebinar: Whats New in Java 8 with Develop Intelligence
Webinar: Whats New in Java 8 with Develop IntelligenceAMD Developer Central
 
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...AMD Developer Central
 
TressFX The Fast and The Furry by Nicolas Thibieroz
TressFX The Fast and The Furry by Nicolas ThibierozTressFX The Fast and The Furry by Nicolas Thibieroz
TressFX The Fast and The Furry by Nicolas ThibierozAMD Developer Central
 
Rendering Battlefield 4 with Mantle by Yuriy ODonnell
Rendering Battlefield 4 with Mantle by Yuriy ODonnellRendering Battlefield 4 with Mantle by Yuriy ODonnell
Rendering Battlefield 4 with Mantle by Yuriy ODonnellAMD Developer Central
 
Low-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil PerssonLow-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil PerssonAMD Developer Central
 
Direct3D12 and the Future of Graphics APIs by Dave Oldcorn
Direct3D12 and the Future of Graphics APIs by Dave OldcornDirect3D12 and the Future of Graphics APIs by Dave Oldcorn
Direct3D12 and the Future of Graphics APIs by Dave OldcornAMD Developer Central
 
Introduction to Direct 3D 12 by Ivan Nevraev
Introduction to Direct 3D 12 by Ivan NevraevIntroduction to Direct 3D 12 by Ivan Nevraev
Introduction to Direct 3D 12 by Ivan NevraevAMD Developer Central
 
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth Thomas
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth ThomasHoly smoke! Faster Particle Rendering using Direct Compute by Gareth Thomas
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth ThomasAMD Developer Central
 
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Ha...
Computer Vision Powered by Heterogeneous System Architecture (HSA) by  Dr. Ha...Computer Vision Powered by Heterogeneous System Architecture (HSA) by  Dr. Ha...
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Ha...AMD Developer Central
 
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...
Productive OpenCL Programming An Introduction to OpenCL Libraries  with Array...Productive OpenCL Programming An Introduction to OpenCL Libraries  with Array...
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...AMD Developer Central
 
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14AMD Developer Central
 
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14AMD Developer Central
 
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...AMD Developer Central
 
Mantle - Introducing a new API for Graphics - AMD at GDC14
Mantle - Introducing a new API for Graphics - AMD at GDC14Mantle - Introducing a new API for Graphics - AMD at GDC14
Mantle - Introducing a new API for Graphics - AMD at GDC14AMD Developer Central
 

Mehr von AMD Developer Central (20)

Media SDK Webinar 2014
Media SDK Webinar 2014Media SDK Webinar 2014
Media SDK Webinar 2014
 
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware Webinar
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware WebinarAn Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware Webinar
An Introduction to OpenCL™ Programming with AMD GPUs - AMD & Acceleware Webinar
 
DirectGMA on AMD’S FirePro™ GPUS
DirectGMA on AMD’S  FirePro™ GPUSDirectGMA on AMD’S  FirePro™ GPUS
DirectGMA on AMD’S FirePro™ GPUS
 
Webinar: Whats New in Java 8 with Develop Intelligence
Webinar: Whats New in Java 8 with Develop IntelligenceWebinar: Whats New in Java 8 with Develop Intelligence
Webinar: Whats New in Java 8 with Develop Intelligence
 
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...
The Small Batch (and other) solutions in Mantle API, by Guennadi Riguer, Mant...
 
Inside XBox- One, by Martin Fuller
Inside XBox- One, by Martin FullerInside XBox- One, by Martin Fuller
Inside XBox- One, by Martin Fuller
 
TressFX The Fast and The Furry by Nicolas Thibieroz
TressFX The Fast and The Furry by Nicolas ThibierozTressFX The Fast and The Furry by Nicolas Thibieroz
TressFX The Fast and The Furry by Nicolas Thibieroz
 
Rendering Battlefield 4 with Mantle by Yuriy ODonnell
Rendering Battlefield 4 with Mantle by Yuriy ODonnellRendering Battlefield 4 with Mantle by Yuriy ODonnell
Rendering Battlefield 4 with Mantle by Yuriy ODonnell
 
Low-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil PerssonLow-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil Persson
 
Gcn performance ftw by stephan hodes
Gcn performance ftw by stephan hodesGcn performance ftw by stephan hodes
Gcn performance ftw by stephan hodes
 
Inside XBOX ONE by Martin Fuller
Inside XBOX ONE by Martin FullerInside XBOX ONE by Martin Fuller
Inside XBOX ONE by Martin Fuller
 
Direct3D12 and the Future of Graphics APIs by Dave Oldcorn
Direct3D12 and the Future of Graphics APIs by Dave OldcornDirect3D12 and the Future of Graphics APIs by Dave Oldcorn
Direct3D12 and the Future of Graphics APIs by Dave Oldcorn
 
Introduction to Direct 3D 12 by Ivan Nevraev
Introduction to Direct 3D 12 by Ivan NevraevIntroduction to Direct 3D 12 by Ivan Nevraev
Introduction to Direct 3D 12 by Ivan Nevraev
 
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth Thomas
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth ThomasHoly smoke! Faster Particle Rendering using Direct Compute by Gareth Thomas
Holy smoke! Faster Particle Rendering using Direct Compute by Gareth Thomas
 
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Ha...
Computer Vision Powered by Heterogeneous System Architecture (HSA) by  Dr. Ha...Computer Vision Powered by Heterogeneous System Architecture (HSA) by  Dr. Ha...
Computer Vision Powered by Heterogeneous System Architecture (HSA) by Dr. Ha...
 
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...
Productive OpenCL Programming An Introduction to OpenCL Libraries  with Array...Productive OpenCL Programming An Introduction to OpenCL Libraries  with Array...
Productive OpenCL Programming An Introduction to OpenCL Libraries with Array...
 
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14
Rendering Battlefield 4 with Mantle by Johan Andersson - AMD at GDC14
 
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14
RapidFire - the Easy Route to low Latency Cloud Gaming Solutions - AMD at GDC14
 
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...
Mantle and Nitrous - Combining Efficient Engine Design with a modern API - AM...
 
Mantle - Introducing a new API for Graphics - AMD at GDC14
Mantle - Introducing a new API for Graphics - AMD at GDC14Mantle - Introducing a new API for Graphics - AMD at GDC14
Mantle - Introducing a new API for Graphics - AMD at GDC14
 

Kürzlich hochgeladen

Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 

Kürzlich hochgeladen (20)

Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 

SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater

  • 1. TRUST THY NEIGHBOR? TRUSTWORTHY MULTI-TENANCY FOR THE MODERN APPLICATION ECOSYSTEM
  • 2. ABOUT TRUSTONIC. JON GEATER, CHIEF TECHNICAL OFFICER
      2 | TRUST THY NEIGHBOR? | JON GEATER, TRUSTONIC | NOVEMBER 12TH, 2013 | CONFIDENTIAL
  • 4. THE RISE OF MOBILE AND THE CONNECTED SOCIETY
      [Chart: series Desktop, Laptop, Smartphone; x-axis 2005 to 2013E; y-axis 0 to 700. Source data: Morgan Stanley Research]
  • 5. THE RISE OF MOBILE AND THE CONNECTED SOCIETY
      [Chart: series All PC, Smartphone; x-axis 2005 to 2013E; y-axis 0 to 700. Source data: Morgan Stanley Research]
  • 6. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • So why are we talking about Smartphones at an AMD conference?
      • What is a mobile device?
  • 7. JUST A FEW YEARS AGO… MOBILE SECURITY
      • I was working for an Enterprise Security company making encryption and key management products
      • We were asked by a major US bank to help them with the problem they had with information security on mobile devices
      • 2 primary device types:
          ‒ Laptops: This one’s fairly obvious. But this was easier because of established security vendors and no real notion of BYOD for laptops
          ‒ Tape drives (!): They are very mobile… But comparatively simple security problem.
  • 8. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
      • That blurs the lines between device types: phones, tablets, laptops – truly heterogeneous!
      • It forces applications on-line, so the whole information system from chip to cloud needs consistent security
      • It also leads to a significant rise in the number of types of information processed on mobile devices
      • …and a consequent rise in the value of that information
  • 9. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
      • That blurs the lines between device types: phones, tablets, laptops
      • It forces applications on-line, so the whole information system from chip to cloud needs consistent security
      • It also leads to a significant rise in the number of types of information processed on mobile devices
      • …and a consequent rise in the value of that information
      [Label: Sensitive Information]
  • 11. WHAT IS RISK?
      Risk = probability x severity
  • 12. WHAT IS RISK?
      Risk = time x remediation
  • 13. WHAT IS RISK?
      Risk = likelihood x cost
  • 14. WHAT IS RISK?
      • How much should I care about this?
      • When will it happen?
      • What’s the impact if it does?
      Risk = likelihood x cost
  • 15. WHAT IS SECURITY?
      (Figure: a Venn diagram, labelled SECURE and NOT SECURE)
  • 16. WHAT IS SECURITY?
      (Figure: a Venn diagram, labelled SECURE?)
  • 17. WHAT IS SECURITY?
      Security Is Contextual
  • 18. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • Things are much more complicated now
      • The different use cases present a set of conflicting use cases that a single extant platform has to satisfy
      • And that’s before the user gets involved
      • Multi-tenancy on a consumer device lacks some of the more powerful approaches available to server applications
      • There are also more threats now
          ‒ Professionalized malware
          ‒ Threats always follow the money
      (Figure speech bubbles: “MY CONTROL!”, “NO, MINE!”, “Privacy please”, “CLOSED!”, “OPEN!”)
  • 19. Start Trusted, Stay Trusted
  • 20. START TRUSTED: HARDWARE ROOTS OF TRUST
      • So how does security enable trust?
      • We typically define fundamental security building blocks as “Roots of Trust”
      • To be effective the RoT has to be rooted in hardware
          ‒ Otherwise there are too many ways to remove it, and nothing to check back against
          ‒ “Trust, but verify”
      • Not just a key: includes the mechanisms, code etc
          ‒ NIST guidelines
      • Secure boot mechanisms (including UEFI) are based on roots of trust
      • Scaling problem – not everyone can own a direct root! So the platform has to provide the main one
      (Figure labels: App ×4, Operating System, Protected Storage, Isolation, Device Integrity, RoT for Integrity, RoT for Reporting, RoT for Storage, RoT for Verification, RoT for Measurement. Picture: Andrew Regenscheid, NIST/Computer Security Division)
  • 21. STAY TRUSTED: SECURITY DOESN’T STAY STILL
      • Boot security is necessary but not sufficient
          ‒ Doesn’t account for run-time exploits
          ‒ Good for system FW but doesn’t scale to applications
      • Security is a dynamic affair. We need to be able to react as quickly as the threats/market
      • Platform use cases shouldn’t be fixed when the chip leaves the factory
          ‒ Need to be able to add trusted functionality later on
      • Security context is best known to the service providers but they do not make hardware.
          ‒ How to anchor their trust chains in hardware at scale?
          ‒ How to encode their use case into general purpose HW?
          ‒ Can you do a whole FW update each time a single app changes? No!
  • 23. TRUSTZONE®: HARDWARE BACKED SECURITY FROM ARM
      • Separation technology built into ARM Cortex-A processors
      • Enables 2 independent process stacks to execute on a single SoC: Normal mode and Secure mode
      • Memory and peripherals can be partitioned into secure-only or shared
      • Mode separation is enforced by the processor and fabric – stronger than MMU
      • Software in Normal World (including attacks!) can’t read memory or peripherals that are reserved for Secure World
      • It is not magic! Designed to defeat software attacks, not national governments and laserbeams
      • Doesn’t have any software
      (Figure labels: TZ only, Switchable, Normal)
  • 24. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS
      • Primary device environment runs as normal, including other security mechanisms
      • GlobalPlatform APIs ensure portability across handsets/platforms
      • Security critical code and resources protected by TEE applications
      • TEE provides the constant security foundation independent of OS choice
      • Integrity and trust underpinned by SoC hardware
      • Control of secure resources
      (Figure labels: Rich OS Application Environment: Client Applications, GlobalPlatform TEE Functional API, GlobalPlatform TEE Client API, Rich OS. Trusted Execution Environment: Trusted Applications (DRM, Payment, Corporate), GlobalPlatform TEE Internal API, Trusted Core Environment, Trusted Functions, TEE Kernel. Hardware Platform: HW Secure Resources – HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc. Image: GlobalPlatform)
  • 25. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS
      • TEE combines the platform hardware with software to provide an open environment in which to run security sensitive code for normal applications
      • Highly flexible system enables application stakeholders to protect their own functionality
          ‒ Correct context is used
      • GlobalPlatform is not the only model
          ‒ But a standard helps with a scalable ecosystem
      • Provides simple APIs for cryptography, secure storage etc
      • Working towards advanced APIs for things like Trusted User Interface (where applicable)
  • 26. BACKEND TRUST AND ENROLMENT: COMPLETING THE CHAIN OF TRUST
      • A well-built TEE provides strong separation of processes on the device
      • But as we’ve seen, systems and trust are bigger than the device
      • A remote loading system connected to the Roots Of Trust is essential in order to sustain a chain of trust from Chip to Cloud
      • Making it essential to the creation of an ecosystem
      • This is not yet standardized but Trustonic operates a backend system connected to an on-chip Root of Trust
  • 27. START TRUSTED, STAY TRUSTED: LIFECYCLE SUPPORT DESIGNED-IN
      • Trusted apps are verified before they can run and access sensitive assets – contextual security
      • Normal World can only access trusted apps through published APIs – transaction integrity
      • Manufacturing and Backend systems maintain the chain of trust between chip, apps and relying parties
      • TEE is given control of secure peripherals, memory regions and trusted apps
      • ‘Secure boot’ from SoC ROM assures integrity of TEE and sensitive data assets
      (Figure labels: Secure Kernel, Trusted app ×3)
  • 28. WHAT ABOUT TPM? TPM 2.0 protocol can be supported too
      • TPM 2.0 is an interface specification
      • Can co-exist with TEE, or run as an application inside it
          ‒ Or even be a hardware one, if money, space and power allow. Compatible with all models
      • Extensive work in the TCG on Firmware TPMs (PCClient group) and Mobile TPMs (Mobile Platforms group) to enable this kind of architecture
      (Figure labels: REE: Rich App ×2, TPM Client API, TEE Client API, Mobile OS. TEE: TA ×2, TPM, TEE Internal API + TEE trusted UI ++, Trusted OS. TEE entry. Smartphone hardware)
  • 29. Client to Cloud Examples
  • 30. CHIP TO CLOUD TRUST: EXAMPLE USE CASE: SIMPLER LOGIN
      • Cloud service can have more confidence in the ID claim they receive
      • User has the convenience of using their preferred device, and fewer clicks
      (Figure labels: Open Environment: OTP Launcher, Client API, Rich OS. Trusted Execution Environment: OTP TA, Secure OTP generation, Secure OTP key storage, APIs, Trusted User Interface, Secure cryptography, Secure Mass Storage. ARM TrustZone® enabled SoC)
  • 31. CHIP TO CLOUD TRUST: OTHER USE CASES
      • Flexible identity & access use cases
          ‒ Convert passwords to stronger on-the-wire credentials
          ‒ Also biometrics
      • Transaction verification and protection
          ‒ Simpler payments
          ‒ Confidentiality
          ‒ binding integrity
      • Content
          ‒ DRM processing, innovative delivery models
      • Enterprise
          ‒ On board credentials for VPN etc
          ‒ BYOD trust anchors
          ‒ Virtual HSM
      • Improve user experience
      • Provide more innovative services
  • 32. CHIP TO CLOUD TRUST: BENEFITS
      • Chip to cloud works both ways
          ‒ The client is increasingly the primary device. Remote service should have to prove itself before the device gives up any sensitive information
          ‒ The flexible architecture of TEE enables these islands of trust to work both ways
      • Ability to verify root of trust separately enables greater confidence and unlocks potential for enhanced services and user experience
      • Privacy impacts can be limited by separating the key actors in the system: something that can happen naturally
  • 34. AMD AND TRUSTONIC: THE PLATFORM SECURITY PROCESSOR
      • The Platform Security Processor (PSP) is a dedicated ARM co-processor within the APU dedicated to providing security functions
      • Has its own secure RAM and NV storage
      • Can access system memory
      • Crypto functionality, including TRNG
      • Last month AMD and Trustonic announced a partnership: AMD has licensed the Trustonic TEE to run as the security kernel in the PSP
      • Talk to AMD for the PSP roadmap and access for 3rd party security extensions
      (Figure labels: AMD64, APU, PSP, TEE. Not to scale!)
  • 36. WRAPPING UP
      1. The mobility trend affects ALL areas of computing
      2. Security is DYNAMIC. Need to keep up.
      3. HARDWARE trust is needed to defeat SOFTWARE threats
      4. A collaborative ECOSYSTEM approach is essential
      5. AMD and Trustonic are working together to enable this
  • 39. DISCLAIMER & ATTRIBUTION
      The information presented in this document is for informational purposes only and may contain technical inaccuracies, omissions and typographical errors.
      The information contained herein is subject to change and may be rendered inaccurate for many reasons, including but not limited to product and roadmap changes, component and motherboard version changes, new model and/or product releases, product differences between differing manufacturers, software changes, BIOS flashes, firmware upgrades, or the like. Trustonic assumes no obligation to update or otherwise correct or revise this information. However, Trustonic reserves the right to revise this information and to make changes from time to time to the content hereof without obligation of AMD to notify any person of such revisions or changes.
      TRUSTONIC MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE CONTENTS HEREOF AND ASSUMES NO RESPONSIBILITY FOR ANY INACCURACIES, ERRORS OR OMISSIONS THAT MAY APPEAR IN THIS INFORMATION.
      TRUSTONIC SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT WILL TRUSTONIC BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL DAMAGES ARISING FROM THE USE OF ANY INFORMATION CONTAINED HEREIN, EVEN IF TRUSTONIC IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
      ATTRIBUTION
      © 2013 Trustonic Ltd. All rights reserved. Trustonic, the graphical <t logo and combinations thereof are trademarks of Trustonic Ltd. in Europe, the United States and/or other jurisdictions. AMD is a trademark of Advanced Micro Devices, Inc. ARM and TrustZone are trademarks of ARM, Ltd. Other names are for informational purposes only and may be trademarks of their respective owners.
  • 40. SESSION ABSTRACT
      • TITLE: Trust thy neighbour? Trustworthy multi-tenancy for the modern application ecosystem
      • SHORT ABSTRACT: With tales of leaks, hacks and malware on the rise, trust in mobile systems is in short supply these days. In other areas an almost opposite but equally troubling problem exists where walled gardens or security agents seek to keep out the bad guys, but also stifle innovation and invite questions of trust in the motivation and interest of the gardeners.
      • This talk looks at recent developments in client-to-cloud trust technology in the ARM mobile device ecosystem and presents a model for both security and control that allows multi-tenancy with confidence. It also covers how AMD have adopted and adapted some of this technology to create a world-leading SoC platform with trust built into the very heart of the chip.
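
The measure, report and verify roles named among the roots of trust on slide 20, tied to the chip-to-backend chain of trust on slides 26 and 27, as an added Python sketch that is not part of the talk or of any Trustonic or AMD code. It assumes a symmetric per-device key shared with the backend (a simplification of a key provisioned at manufacture), and every key, stage name and image is constructed for the example.

```python
import hashlib
import hmac
import os

# All keys, stage names and images below are constructed for this example.
DEVICE_KEY = b"constructed-per-device-key-0001"   # stands in for a key fused at manufacture
GOOD_STAGES = [b"SoC ROM loader", b"TEE kernel 1.0", b"trusted app: OTP"]


def extend(register: bytes, image: bytes) -> bytes:
    """RoT for Measurement: PCR-style extend, new = H(old || H(image))."""
    return hashlib.sha256(register + hashlib.sha256(image).digest()).digest()


def measure_boot(stages) -> bytes:
    """Fold every boot stage, in order, into one 32-byte measurement."""
    register = bytes(32)
    for image in stages:
        register = extend(register, image)
    return register


def report(key: bytes, measurement: bytes, nonce: bytes) -> bytes:
    """RoT for Reporting: bind the measurement to the verifier's fresh nonce."""
    return hmac.new(key, nonce + measurement, hashlib.sha256).digest()


def verify(key, expected, measurement, nonce, tag) -> bool:
    """Backend check: report is authentic, fresh, and matches the known-good state."""
    authentic = hmac.compare_digest(tag, report(key, measurement, nonce))
    return authentic and hmac.compare_digest(measurement, expected)


def demo() -> dict:
    expected = measure_boot(GOOD_STAGES)          # recorded by the backend at enrolment
    cases = {
        "clean": GOOD_STAGES,
        "patched_tee": [GOOD_STAGES[0], b"TEE kernel 1.0 (patched)", GOOD_STAGES[2]],
        "reordered": [GOOD_STAGES[1], GOOD_STAGES[0], GOOD_STAGES[2]],
    }
    results = {}
    for name, stages in cases.items():
        nonce = os.urandom(16)
        measured = measure_boot(stages)
        results[name] = verify(DEVICE_KEY, expected, measured, nonce,
                               report(DEVICE_KEY, measured, nonce))
    # Replay: an old, valid report is presented against a new challenge.
    old_nonce, new_nonce = os.urandom(16), os.urandom(16)
    old_tag = report(DEVICE_KEY, expected, old_nonce)
    results["replayed"] = verify(DEVICE_KEY, expected, expected, new_nonce, old_tag)
    return results


if __name__ == "__main__":
    print(demo())
```

Only the clean boot verifies; the check is meaningful only while the reporting key stays out of reach of Normal World software, which is the job the slides assign to hardware.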